search

geerlingguy / ansible-role-clamav

Ansible Role - ClamAV.
https://galaxy.ansible.com/geerlingguy/clamav/
MIT License
60 stars 51 forks source link

Getting "Service is in unknown state" error #22

Closed mhkhung closed 2 years ago

mhkhung commented 3 years ago

I am using your geerlingguy/docker-debian10-ansible in Dockerfile and when I run docker build, I am getting:

#10 132.2 TASK [geerlingguy.clamav : include_tasks] **************************************
#10 132.3 included: /tmp/provisioner/roles/geerlingguy.clamav/tasks/setup-vars.yml for localhost
#10 132.3 
#10 132.3 TASK [geerlingguy.clamav : Define clamav_daemon.] ******************************
#10 132.3 ok: [localhost]
#10 132.3 
#10 132.3 TASK [geerlingguy.clamav : Define clamav_freshclam_daemon.] ********************
#10 132.4 ok: [localhost]
#10 132.4 
#10 132.4 TASK [geerlingguy.clamav : Define clamav_packages.] ****************************
#10 132.4 ok: [localhost]
#10 132.4 
#10 132.4 TASK [geerlingguy.clamav : Ensure ClamAV packages are installed.] **************
#10 139.8 changed: [localhost] => (item=clamav)
#10 142.1 ok: [localhost] => (item=clamav-base)
#10 146.6 changed: [localhost] => (item=clamav-daemon)
#10 146.6 
#10 146.6 TASK [geerlingguy.clamav : Run freshclam after ClamAV packages change.] ********
#10 176.2 changed: [localhost]
#10 176.2 
#10 176.2 TASK [geerlingguy.clamav : include_tasks] **************************************
#10 176.2 skipping: [localhost]
#10 176.2 
#10 176.2 TASK [geerlingguy.clamav : Change configuration for the ClamAV daemon.] ********
#10 176.6 ok: [localhost] => (item={'regexp': '^.*Example$', 'state': 'absent'})
#10 176.8 ok: [localhost] => (item={'regexp': '^.*LocalSocket .*$', 'line': 'LocalSocket /var/run/clamav/clamd.ctl'})
#10 176.8 
#10 176.8 TASK [geerlingguy.clamav : Ensure ClamAV daemon is running (if configured).] ***
#10 177.4 fatal: [localhost]: FAILED! => {"changed": false, "msg": "Service is in unknown state", "status": {}}
#10 177.4 
#10 177.4 RUNNING HANDLER [geerlingguy.clamav : restart clamav daemon] *******************
#10 177.4 
#10 177.4 PLAY RECAP *********************************************************************
#10 177.4 localhost                  : ok=13   changed=6    unreachable=0    failed=1    skipped=1    rescued=0    ignored=0   
#10 177.4
Lusitaniae commented 3 years ago

Possibly related, I've been getting the error below since 3rd September (13 days ago)

    amazon-ebs: TASK [geerlingguy.clamav : Ensure ClamAV daemon is running (if configured).] ***
    amazon-ebs: Thursday 16 September 2021  05:27:36 +0000 (0:00:00.195)       0:02:58.185 ****
    amazon-ebs: fatal: [hostname]: FAILED! => {"changed": false, "msg": "Unable to start service clamd@scan: Job for clamd@scan.service failed because the control process exited with error code. See \"systemctl status clamd@scan.service\" and \"journalctl -xe\" for details.
"}

the whole log for the role section

amazon-ebs: TASK [geerlingguy.clamav : Include OS-Specific variables] **********************
amazon-ebs: Thursday 16 September 2021  05:27:04 +0000 (0:00:00.124)       0:02:26.703 ****
amazon-ebs: ok: [hostname]
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : include_tasks] **************************************
amazon-ebs: Thursday 16 September 2021  05:27:04 +0000 (0:00:00.092)       0:02:26.795 ****
amazon-ebs: included: /root/.ansible/roles/geerlingguy.clamav/tasks/setup-vars.yml for hostname
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : Define clamav_daemon.] ******************************
amazon-ebs: Thursday 16 September 2021  05:27:04 +0000 (0:00:00.099)       0:02:26.894 ****
amazon-ebs: ok: [hostname]
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : Define clamav_freshclam_daemon.] ********************
amazon-ebs: Thursday 16 September 2021  05:27:05 +0000 (0:00:00.118)       0:02:27.013 ****
amazon-ebs: ok: [hostname]
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : Define clamav_packages.] ****************************
amazon-ebs: Thursday 16 September 2021  05:27:05 +0000 (0:00:00.093)       0:02:27.107 ****
amazon-ebs: ok: [hostname]
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : Ensure ClamAV packages are installed.] **************
amazon-ebs: Thursday 16 September 2021  05:27:05 +0000 (0:00:00.086)       0:02:27.193 ****
amazon-ebs: changed: [hostname] => (item=clamav)
amazon-ebs: ok: [hostname] => (item=clamav-update)
amazon-ebs: changed: [hostname] => (item=clamav-scanner-systemd)
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : Run freshclam after ClamAV packages change.] ********
am
am
am
am
am
am
am
am
amazon-ebs: Thursday 16 September 2021  05:27:14 +0000 (0:00:09.465)       0:02:36.659 ****
amazon-ebs: changed: [hostname]
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : include_tasks] **************************************
amazon-ebs: Thursday 16 September 2021  05:27:35 +0000 (0:00:20.893)       0:02:57.552 ****
amazon-ebs: included: /root/.ansible/roles/geerlingguy.clamav/tasks/setup-RedHat.yml for hostname
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : Ensure Freshclam service is available.] *************
amazon-ebs: Thursday 16 September 2021  05:27:35 +0000 (0:00:00.162)       0:02:57.715 ****
amazon-ebs: changed: [hostname]
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : Reload systemd after adding service.] ***************
amazon-ebs: Thursday 16 September 2021  05:27:35 +0000 (0:00:00.109)       0:02:57.825 ****
amazon-ebs: ok: [hostname]
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : Change configuration for the ClamAV daemon.] ********
amazon-ebs: Thursday 16 September 2021  05:27:36 +0000 (0:00:00.164)       0:02:57.989 ****
amazon-ebs: changed: [hostname] => (item={'regexp': '^.*Example$', 'state': 'absent'})
amazon-ebs: changed: [hostname] => (item={'regexp': '^.*LocalSocket .*$', 'line': 'LocalSocket /var/run/clamd.scan/clamd.sock'})
amazon-ebs:
amazon-ebs: TASK [geerlingguy.clamav : Ensure ClamAV daemon is running (if configured).] ***
amazon-ebs: Thursday 16 September 2021  05:27:36 +0000 (0:00:00.195)       0:02:58.185 ****
amazon-ebs: fatal: [hostname]: FAILED! => {"changed": false, "msg": "Unable to start service clamd@scan: Job for clamd@scan.service failed because the control process exited with error code. See \"systemctl status clamd@scan.service\" and \"journalctl -xe\" for details.
"}
cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)

/var/log/messages

Sep 16 14:54:52 ip-172-31-42-25 systemd: Starting clamd scanner (scan) daemon...
Sep 16 14:54:52 ip-172-31-42-25 clamd[25456]: Received 0 file descriptor(s) from systemd.
Sep 16 14:54:52 ip-172-31-42-25 clamd[25456]: clamd daemon 0.103.3 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Sep 16 14:54:52 ip-172-31-42-25 clamd[25456]: Log file size limited to 1048576 bytes.
Sep 16 14:54:52 ip-172-31-42-25 clamd[25456]: Reading databases from /var/lib/clamav
Sep 16 14:54:52 ip-172-31-42-25 clamd[25456]: Not loading PUA signatures.
Sep 16 14:54:52 ip-172-31-42-25 clamd[25456]: Bytecode: Security mode set to "TrustSigned".
Sep 16 14:55:07 ip-172-31-42-25 clamd[25456]: Loaded 8565181 signatures.
Sep 16 14:55:10 ip-172-31-42-25 clamd[25456]: LOCAL: Could not create socket directory: /var/run/clamd.scan: Permission denied
Sep 16 14:55:10 ip-172-31-42-25 clamd: ERROR: LOCAL: Could not create socket directory: /var/run/clamd.scan: Permission denied
Sep 16 14:55:10 ip-172-31-42-25 clamd: ERROR: LOCAL: Socket file /var/run/clamd.scan/clamd.sock could not be bound: No such file or directory
Sep 16 14:55:10 ip-172-31-42-25 clamd[25456]: LOCAL: Socket file /var/run/clamd.scan/clamd.sock could not be bound: No such file or directory
Sep 16 14:55:10 ip-172-31-42-25 systemd: clamd@scan.service: control process exited, code=exited status=1
Sep 16 14:55:10 ip-172-31-42-25 systemd: Failed to start clamd scanner (scan) daemon.
Sep 16 14:55:10 ip-172-31-42-25 systemd: Unit clamd@scan.service entered failed state.
Sep 16 14:55:10 ip-172-31-42-25 systemd: clamd@scan.service failed.
Sep 16 14:55:10 ip-172-31-42-25 systemd: clamd@scan.service holdoff time over, scheduling restart.
ls -la /var/run
lrwxrwxrwx. 1 root root 6 Oct 30  2020 /var/run -> ../run

Now, I'm thinking if the package in remi repository has changed and it stopped working.

(In this case I'm building image from base centos 7 image) Simply using one of the last working images I've built works fine

The CI is also broke, yours failed for a unrelated reason (ubuntu failed first and canceled the build on centos7)

I've forked the repo to my account, which shows the same errors https://github.com/Lusitaniae/ansible-role-clamav/runs/3623755748?check_suite_focus=true

Creating the directory in advance seems to solve it for Centos (may require different user/group for Ubuntu)

https://github.com/Lusitaniae/ansible-role-clamav/runs/3623866884

-- One of the last changes from remi repo https://koji.fedoraproject.org/koji/buildinfo?buildID=1825029

stale[bot] commented 2 years ago

This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!

Please read this blog post to see the reasons why I mark issues as stale.

stale[bot] commented 2 years ago

This issue has been closed due to inactivity. If you feel this is in error, please reopen the issue or file a new issue with the relevant details.